From 170b0611e99ee405ef2251ecd4146b5123e1980e Mon Sep 17 00:00:00 2001
From: Brett Holman <brett.holman@canonical.com>
Date: Fri, 15 Mar 2024 17:36:43 -0600
Subject: [PATCH] fix logs

---
 cloudinit/url_helper.py                       | 25 ++++++++++++++++---
 .../datasources/test_nocloud.py               |  3 +--
 2 files changed, 22 insertions(+), 6 deletions(-)

diff --git a/cloudinit/url_helper.py b/cloudinit/url_helper.py
index ecf8cd37802e..7fdc6c3b35f0 100644
--- a/cloudinit/url_helper.py
+++ b/cloudinit/url_helper.py
@@ -135,10 +135,27 @@ def read_ftps(url: str, timeout: float = 5.0, **kwargs: dict) -> "FtpResponse":
                     url=url,
                 ) from e
             LOG.debug("Attempting to login with user [%s]", user)
-            ftp_tls.login(
-                user=user,
-                passwd=url_parts.password or "",
-            )
+            try:
+                ftp_tls.login(
+                    user=user,
+                    passwd=url_parts.password or "",
+                )
+            except ftplib.error_perm as e:
+                LOG.warning(
+                    "Attempted to connect to an insecure ftp server but used "
+                    "a scheme of ftps://, which is not allowed. Use ftp://"
+                    "to allow connecting to insecure ftp servers."
+                )
+                raise UrlError(
+                    cause=(
+                        "Attempted to connect to an insecure ftp server but "
+                        "used a scheme of ftps://, which is not allowed. Use "
+                        "ftp:// to allow connecting to insecure ftp servers."
+                    ),
+                    code=500,
+                    headers=None,
+                    url=url,
+                ) from e
             LOG.debug("Creating a secure connection")
             ftp_tls.prot_p()
             LOG.debug("Reading file: %s", url_parts.path)
diff --git a/tests/integration_tests/datasources/test_nocloud.py b/tests/integration_tests/datasources/test_nocloud.py
index bb496ebbf68b..f2fcad30e805 100644
--- a/tests/integration_tests/datasources/test_nocloud.py
+++ b/tests/integration_tests/datasources/test_nocloud.py
@@ -398,8 +398,6 @@ def test_nocloud_ftps_unencrypted_server_fails(
         """
         cmdline = "ds=nocloud;seedfrom=ftps://localhost:2121"
         self._boot_with_cmdline(cmdline, client)
-        log = client.read_from_file("/var/log/cloud-init.log")
-        assert "Reading file from server over tls failed for url" in log
         verify_clean_boot(
             client,
             ignore_warnings=self.expected_warnings,
@@ -407,6 +405,7 @@ def test_nocloud_ftps_unencrypted_server_fails(
                 "Getting data from <class 'cloudinit.sources.DataSourc"
                 "eNoCloud.DataSourceNoCloudNet'> failed",
                 "Used fallback datasource",
+                "Reading file from server over tls failed for url",
             ],
         )